CSIRTMalta aims for better cyber threat visibility

CSIRTMalta, Malta's national cybersecurity team, aimed for better cybersecurity situational awareness and more advanced shared threat intelligence among CSIRTMalta and its constituencies. The project was co-financed by the Connecting Europe Facility of the EU.

Threat hunting platform Natrix

 

To enhance the resilience and capacity of the national CSIRTMalta, NRD Cyber Security experts have deployed Natrix, a centralised cybersecurity monitoring and threat hunting platform. The solution was created by the NRD Cyber Security R&D team to enable coordinated centralised threat monitoring. Its functionality goes beyond visibility and offers capabilities to build and continuously refine rules for detecting threats and non-compliance. It is set up for central management, incident handling, and threat hunting.

Also, to improve service provision to CSIRTMalta constituencies, parts of CyberSet, a CSIRT/SOC services automation toolkit, have been deployed.

These are:

Threat intelligence processing platform
Ticketing system
Sandbox platform
Threat intelligence dashboard
Constituent information system
Honeypot platform

CyberSet is a set of technologies and operational procedures that provides CSIRTs and SOCs with typical service delivery capabilities, such as security monitoring and incident management. The toolkit enables cybersecurity teams to gain service delivery capabilities much faster and in a more structured manner than by developing them organically.

CyberSet components have enabled processes and services at CSIRTMalta such as:

Situational awareness: cyberthreat intelligence data acquisition, analysis, and synthesis
Security event analysis
Cybersecurity incident analysis, response, and coordination
Knowledge transfer and awareness building

Matthew Yeomans, Director of CSIRTMalta, on what is expected to change:

 

“Due to improved technical capabilities, CSIRTMalta is able to react faster and more efficiently to cyber threats. By consolidating and correlating threat-related events in a single timeline, complex detection tasks become simpler and more successful. Also, as CSIRTMalta grows the size of its team and enhances the services it provides, it increases the role of the team in Malta’s cybersecurity ecosystem.”

 
